package com.hlbbcsr.security;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

import com.hlbbcsr.domain.bean.Customer;

public class CustomAuthenticationProvider implements AuthenticationProvider {
 
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();
        String password = (String) authentication.getCredentials();

        //if (user == null) {
        //    throw new BadCredentialsException("Username not found.");
        //}
 
        if (!username.equals(password)) {
            throw new BadCredentialsException("Wrong password.");
        }
 
        Customer customer = new Customer();
        customer.setCustomerName(username);
        WebUserDetails principal = new AppWebUserDetails(customer, "ROLE_MEMBER");
        
        return new UsernamePasswordAuthenticationToken(principal, password, principal.getAuthorities());
        
    }
 
    @Override
    public boolean supports(Class<?> arg0) {
        return true;
    }
}